Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-1088)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2020-2517)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : libssh (EulerOS-SA-2020-2517)

According to the version of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if sshbuffernew returns NULL.CVE-2020-16135 Note that Tenable Network Security has...

libssh: denial of service when handling AES-CTR (or DES) ciphers

A flaw was found in the way libssh handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system...

Moderate: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

RHEL 8 : Red Hat Virtualization (RHSA-2020:5218)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5218 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-nod...

Oracle Linux 8 : libssh (ELSA-2020-4545)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4545 advisory. - Add a test for CVE-2019-14889 - Fixed CVE-2019-14889 1781782 - Fixed CVE-2020-1730 1802422 Tenable has extracted the preceding description block...

libssh security, bug fix, and enhancement update

0.9.4-2 - Do not return error when server properly closed the channel 1849071 - Add a test for CVE-2019-14889 - Do not parse configuration file in tortureknownhosts test 0.9.4-1 - Update to version 0.9.4 https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ - Fixed...

libssh: unsanitized location in scp could lead to unwanted command execution

A flaw was found with the libssh API function sshscpnew. A user able to connect to a server using SCP could execute arbitrary command using a user-provided path, leading to a compromise of the remote target...

libssh: denial of service when handling AES-CTR (or DES) ciphers

A flaw was found in the way libssh handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system...

Moderate: Red Hat Security Advisory: libssh security, bug fix, and enhancement update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RHEL 8 : libssh (RHSA-2020:4545)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4545 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages ha...

Moderate: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.4. BZ1804797 Security Fixes: libssh: denial of service when handling AES-CTR or DES ciphers...

libssh security, bug fix, and enhancement update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

RLSA-2020:4545 Moderate: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.4. BZ1804797 Security Fixes: libssh: denial of service when handling AES-CTR or DES ciphers...

libssh: Denial of service

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description libssh was found to have a NULL pointer dereference in tftpserver.c if the function sshbuffernew returns NULL. Impact An attacker could cause a possible Denial of Service conditio...

GLSA-202011-05 : libssh: Denial of service

The remote host is affected by the vulnerability described in GLSA-202011-05 libssh: Denial of service libssh was found to have a NULL pointer dereference in tftpserver.c if the function sshbuffernew returns NULL. Impact : An attacker could cause a possible Denial of Service condition. Workaround...

Fedora: Security Advisory for libssh (FEDORA-2020-ac3e29073f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: libssh-0.9.5-1.fc33

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, tra nsfer files, use a secure and transparent tunnel for your remote...

Fedora 32 : libssh (2020-f4f5e49cb8)

Update to version 0.9.5 - https://www.libssh.org/2020/09/10/libssh-0-9-5/ - Fixes CVE-2020-16135 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...